Setting Up Okta SSO Authentication
OKTA
Prerequisites
To configure a SAML 2.0 application with Single Sign-On, you need:
- An Okta user account with Admin permissions.
- Access to the Admin Console section.
Create an Application
Sign in to your Okta application using an Administrator account.
Browse to Admin Console > Applications > Applications section.
Click in Create App Integration.
Select SAML 2.0 Sign-in method and click Next.
General Settings
Step (1): Write a name for your Application, choose an App logo (optional) and click Next.
Configure SAML App with HQ App
In HQ app, go to User & Authentication > SAML Login.
Turn on the Enable for sign-up and sign-in toggle button.
Take note on the Sign-ON URL and Audience fields. Metadata URL will be filled in later.
Go back to the Okta page, in Step (2): Configure SAML.
Copy the values from HQ App into their respective fields in Okta App.
Okta default values for other configuration fields already comply with HQ requirements, so no further changes are required.
For Step (3): Feedback, select the This is an internal app that we have created option and click Finish.
After the App is created, you will be directed to the General information tab.
Go to Sign On tab to see the Metadata URL provided by Okta.
Copy this URL and paste it into HQ’s Metadata URL field in SAML Login configuration view, as seen in Step (2). Save the changes.
Assign Users & Groups to your Okta App
Don’t forget to grant access to your new Okta Application by using the Assignments tab and add your Users and Groups.
Now you can use your Okta credentials to login via SSO into HQ application!
* Only the Users / Groups defined in the Okta App’s Assignments will be granted access.
For more references and details about Okta applications, we can check official documentation here:
Create SAML app integrations | Okta Classic Engine
Application Integration Wizard SAML field reference | Okta Classic Engine